Sandboxing your containers with gVisor (Cloud Next ’18)

Kelvion New Plate Heat Exchanger


While containers have become a popular way to deploy applications, securing them is not well understood. How do you run code that users have uploaded without exposing your entire infrastructure? How do you run third-party applications where you don’t have access to the source code? This talk will explore various practices to run trusted and untrusted workloads on Kubernetes Engine and discuss the pros and cons of them. In addition to the technical highlights, we will present key use cases and solutions to harden the security of your containers using gVisor.

Event schedule → http://g.co/next18

Watch more Infrastructure & Operations sessions here → http://bit.ly/2uEykpQ
Next ‘18 All Sessions playlist → http://bit.ly/Allsessions

Subscribe to the Google Cloud channel! → http://bit.ly/NextSub


Duration: 53:6
Publisher: Google Cloud
You can watch this video also at the source.